diff options
| author | Rich Salz <rsalz@openssl.org> | 2017-08-03 15:23:28 +0200 |
|---|---|---|
| committer | Rich Salz <rsalz@openssl.org> | 2017-08-03 15:23:28 +0200 |
| commit | 75e2c877650444fb829547bdb58d46eb1297bc1a (patch) | |
| tree | 67ad6280bccdca4ae95cc269b1994ea4c1557aa7 /crypto/ec/ecdsa_ossl.c | |
| parent | Move ossl_assert (diff) | |
| download | openssl-75e2c877650444fb829547bdb58d46eb1297bc1a.tar.xz openssl-75e2c877650444fb829547bdb58d46eb1297bc1a.zip | |
Switch from ossl_rand to DRBG rand
If RAND_add wraps around, XOR with existing. Add test to drbgtest that
does the wrap-around.
Re-order seeding and stop after first success.
Add RAND_poll_ex()
Use the DF and therefore lower RANDOMNESS_NEEDED. Also, for child DRBG's,
mix in the address as the personalization bits.
Centralize the entropy callbacks, from drbg_lib to rand_lib.
(Conceptually, entropy is part of the enclosing application.)
Thanks to Dr. Matthias St Pierre for the suggestion.
Various code cleanups:
-Make state an enum; inline RANDerr calls.
-Add RAND_POLL_RETRIES (thanks Pauli for the idea)
-Remove most RAND_seed calls from rest of library
-Rename DRBG_CTX to RAND_DRBG, etc.
-Move some code from drbg_lib to drbg_rand; drbg_lib is now only the
implementation of NIST DRBG.
-Remove blocklength
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/4019)
Diffstat (limited to 'crypto/ec/ecdsa_ossl.c')
| -rw-r--r-- | crypto/ec/ecdsa_ossl.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/ec/ecdsa_ossl.c b/crypto/ec/ecdsa_ossl.c index d67c48524a..c7ab0ee1a3 100644 --- a/crypto/ec/ecdsa_ossl.c +++ b/crypto/ec/ecdsa_ossl.c @@ -20,7 +20,7 @@ int ossl_ecdsa_sign(int type, const unsigned char *dgst, int dlen, const BIGNUM *kinv, const BIGNUM *r, EC_KEY *eckey) { ECDSA_SIG *s; - RAND_seed(dgst, dlen); + s = ECDSA_do_sign_ex(dgst, dlen, kinv, r, eckey); if (s == NULL) { *siglen = 0; |